Benefits of a Virtual Cyber Range

Network Security Assessment

Cyber attacks have been increasing significantly in both number and complexity, prompting the need for better training of cyber defense analysts and a complete network secuirty assessment. To conduct effective training for cyber situation awareness and cyber assessment, it becomes essential to design realistic training scenarios with scalability.

SCALABLE developed Network Defense Trainer (NDT) to address the increased instances and impact on the network. NDT integrates cyberspace operations and traditional kinetic warfare into full, instrumented, synthetic cyber warfare training environments. This allows cyber warriors, network administrators and command and staff to train as they would fight, improving their awareness, reaction time and ability to take corrective action to work through degraded cyber environments and successfully complete missions.

There is a need to accurately model the effects of cyber weapons for analysis, system testing and hardening, and training. Current simulations of the Net-Centric Battlespace do not adequately recreate the impact of cyber warfare due to a lack of realistic cyber threat and defense representations.

Existing cyber ranges are limited in scale, costly, and time-consuming to configure. Moreover, they have no capability to simulate the inherent vulnerabilities endemic to wireless tactical networks. They also do not effectively model the overall effect of a cyberattack on a mission and also do not focus on a network security assessment and are therefore unsuitable for mission analysis or training.

Using NDT we are able to offer a new approach, the Virtual Cyber Range, a portable modeling and simulation framework that provides a real-time, hardware-in-the-loop capability for simulation of cyber threats to the entire net-centric infrastructure. It also provides the ability to evaluate the effectiveness of the threats in disrupting communications via key performance indicators. Our cyber range provides models for accurate cyber threat simulation at all layers of the networking stack to include passive, active, coordinated and adaptive attacks on networks with hundreds to thousands of wired and wireless components. The cyber range enables interoperability with Live-Virtual- Constructive (LVC) simulations providing assessment of human-in-the-loop performance, and can stimulate physical networked systems with simulated cyber threats for real-time testing.

SCALABLE worked with other industry experts to present a Cognitive Task Analysis based approach to address this training need while determining vulnerabilities. The technique of Cognitive Task Analysis is to capture and represent knowledge used by experts to perform complex tasks. Accurate characterization of cyber security experts’ cognitive processes can be incorporated into training materials to teach novice cyber analysts how to think and act like experts during a cyber assessment. After performing Cognitive Task Analysis of cyber situation awareness, we identify the steps necessary for designing training scenarios and training workflows. In order to address the challenge of information overload confronting the cyber analysts, we identify and design attack-specific watch list items. During training, cyber analysts can tailor their own watch list items and triggering thresholds in order to detect cyber attacks faster. As the time it takes for cyber analysts to recognize, analyze, and respond to attacks is critical, we evaluate cyber analysts’ performance based on their response time compared with the ideal attack timeline.

Using this approach can not only protect your network, but can save valuable time and costs. During a thorough network security assessment, the cyber analysts can spot vulnerabilities that leave the network open to threats and costly attacks.

Learn more by reading our white paper Cognitive Task Analaysis Based Training for Cyber Situation Awareness.